<?php

$GLOBALS['tbl_prefix'] = $CONFIG['tbl_prefix']; 

function new_post($pubdate,$title,$teaser,$post,$public,$uid,$topic,$slug='') { 
	$tbl_prefix = $GLOBALS['tbl_prefix']; 
	$debug_mode=1; 
	$now = time(); 
	$sql  = "INSERT INTO ".$tbl_prefix."content (id,pubdate,title,slug,teaser,post,public,uid,topic,views,locked) values ('"
	. $now."','".$pubdate."','". mysql_real_escape_string($title)."','".mysql_real_escape_string($slug)."','"
	. mysql_real_escape_string($teaser)
	. "','".mysql_real_escape_string($post)."','".intval($public)."','".intval($uid)."','".intval($topic)."','0','0')"; 
	$result = mysql_query($sql); $GLOBALS['q']++;
	if(!$result) { 
		if($debug_mode) { die(mysql_error()."<br /><br />Query: ".$sql); } else { die($errors['mysql']); } 
	}  
	return $now;	
}

function change_post($id,$pubdate,$title,$teaser,$post,$public,$topic) { 
	$tbl_prefix = $GLOBALS['tbl_prefix']; 
	$sql = "UPDATE ".$tbl_prefix."content SET pubdate='".$pubdate."', title='".mysql_real_escape_string($title)
	."', teaser='".mysql_real_escape_string($teaser)
	."', post='".mysql_real_escape_string($post)."', public='".intval($public)."', topic='".intval($topic)."' 
	WHERE id='".intval($id)."'"; 
	$result = mysql_query($sql); $GLOBALS['q']++;
	if(!$result) { 
		if($debug_mode) { die(mysql_error()."<br /><br />Query: ".$sql); } else { die($errors['mysql']); } 
	} 
	return TRUE;
}

function remove_post($id) { 
	$tbl_prefix = $GLOBALS['tbl_prefix']; 
	$sql = "DELETE FROM ".$tbl_prefix."content WHERE id='".intval($id)."'";
	$result = mysql_query($sql); $GLOBALS['q']++;
	if(!$result) { 
		if($debug_mode) { die(mysql_error()."<br /><br />Query: ".$sql); } else { die($errors['mysql']); } 
	} 
	return TRUE;	
}

function toggle_view_post($id,$public) { 
	$tbl_prefix = $GLOBALS['tbl_prefix']; 
	$sql = "UPDATE ".$tbl_prefix."content SET public='".intval($public)."' WHERE id='".intval($id)."'";
	$result = mysql_query($sql); $GLOBALS['q']++;
	if(!$result) { 
		if($debug_mode) { die(mysql_error()."<br /><br />Query: ".$sql); } else { die($errors['mysql']); } 
	} 
	return TRUE;	
}

function new_topic($name,$file) { 
	$tbl_prefix = $GLOBALS['tbl_prefix']; 
	$sql = "INSERT INTO ".$tbl_prefix."topics VALUES('','".mysql_real_escape_string($name)."','topics/".$file."','1')";
	$result = mysql_query($sql); $GLOBALS['q']++;
	return true; 
}

function change_topic($id,$t,$active) {
	$tbl_prefix = $GLOBALS['tbl_prefix'];  
	$sql = "UPDATE ".$tbl_prefix."topics SET name='".mysql_real_escape_string($t)."',active='$active' WHERE topicid='".$id."'";
	$result = mysql_query($sql); $GLOBALS['q']++;
	return true; 
}

function delete_topic($id) { 
	$tbl_prefix = $GLOBALS['tbl_prefix']; 
	$sql = "DELETE FROM ".$tbl_prefix."topics WHERE topicid='".$id."'";
	$result = mysql_query($sql); $GLOBALS['q']++;
	return true; 
}

function change_topic_ajax($id,$t) { 
	$tbl_prefix = $GLOBALS['tbl_prefix']; 
	$sql = "UPDATE ".$tbl_prefix."content SET topic='".mysql_real_escape_string($t)."' WHERE id='$id'"; 
	$result = mysql_query($sql); $GLOBALS['q']++;
	return true; 
}

/* tag functions */ 
function add_tag($id,$tag) { 
	$tbl_prefix = $GLOBALS['tbl_prefix']; 
	global $debug_mode,$errors;
	if(!$tag || trim($tag)=='') { return TRUE; } 
	$sql  = "INSERT into ".$tbl_prefix."tags (tagid,id,tag,tagname) values ('','".$id."','".mysql_real_escape_string(trim($tag))."','"
	. cat_to_tag($tag)."')";
	$result = mysql_query($sql); $GLOBALS['q']++;
	if(!$result) { 
		if($debug_mode) { die(mysql_error()."<br /><br />Query: ".$sql); } else { die($errors['mysql']); } 
	}  
	return TRUE; 
}

function delete_tag($id) { 
	$tbl_prefix = $GLOBALS['tbl_prefix']; 
	$sql = "DELETE FROM ".$tbl_prefix."tags WHERE tagid='".$id."'";
	$result = mysql_query($sql); $GLOBALS['q']++;
	return TRUE;  
}

function update_tag($id,$tag) { 
	$tbl_prefix = $GLOBALS['tbl_prefix']; 
	if(!$tag || trim($tag)=='') { die("0"); } 
	$sql = "UPDATE ".$tbl_prefix."tags SET tag='".mysql_real_escape_string($tag)."',tagname='"
	. mysql_real_escape_string(cat_to_tag($tag))."' WHERE tagid='".$id."'";
	$result = mysql_query($sql); $GLOBALS['q']++;
	return TRUE;  	 
}

function suggest_tag($t) { 
	$tbl_prefix = $GLOBALS['tbl_prefix']; 
	$sql = "SELECT DISTINCT(tag) FROM ".$tbl_prefix."tags WHERE tag LIKE '".mysql_real_escape_string($t)."%' LIMIT 0,10";
	$result = mysql_query($sql); $GLOBALS['q']++;
	if(!$result) { die(); } 
	while($row = mysql_fetch_assoc($result)) { 
		$x[] = $row['tag'];
	} 		
	return $x;
}
/* end tag functions */ 

function blogin($username,$password) { 
	$tbl_prefix = $GLOBALS['tbl_prefix']; 
	$sql  = "SELECT uid,hash from ".$tbl_prefix."users WHERE username = '".mysql_real_escape_string($username)."' 
	AND password ='".mysql_real_escape_string(sha1($password))."' AND active='1'";
	$result = mysql_query($sql); $GLOBALS['q']++;
	if(!$result) { 
		if($debug_mode) { die(mysql_error()."<br /><br />Query: ".$sql); } else { die($errors['mysql']); } 
	} 
	$n = mysql_num_rows($result); 
	if($n < 1) { 
		return FALSE; 
	} else { 
		while($row = mysql_fetch_assoc($result)) { 
			$x = $row;
		} 		
		return $x;
	}
}

function admin_last_ip($uid,$ip) { 
	$tbl_prefix = $GLOBALS['tbl_prefix']; 
	$sql = "UPDATE ".$tbl_prefix."users SET last_ip='".mysql_real_escape_string($ip)."' WHERE uid='".$uid."'"; 
	$result = mysql_query($sql); 
	if($result) { $GLOBALS['q']++; return TRUE; } else { return FALSE; } 
}


function new_hash($uid) { 
	$tbl_prefix = $GLOBALS['tbl_prefix']; 
	$hash = make_hash('29'); 
	$sql  = "UPDATE ".$tbl_prefix."users SET hash ='$hash' WHERE uid='".intval($uid)."' AND active='1'";
	$result = mysql_query($sql); $GLOBALS['q']++;
	if(!$result) { 
		if($debug_mode) { die(mysql_error()."<br /><br />Query: ".$sql); } else { die($errors['mysql']); } 
	} 
	return $hash;
}

function get_hash_by_uid($uid) { 
	$tbl_prefix = $GLOBALS['tbl_prefix']; 
	$sql  = "SELECT hash from ".$tbl_prefix."users WHERE uid = '".intval($uid)."' AND active='1'";
	$result = mysql_query($sql); $GLOBALS['q']++;
	if(!$result) { 
		if($debug_mode) { die(mysql_error()."<br /><br />Query: ".$sql); } else { die($errors['mysql']); } 
	} 
	$n = mysql_num_rows($result); 
	if($n < 1) { 
		return FALSE; 
	} else { 
		while($row = mysql_fetch_assoc($result)) { 
			$x = $row;
		} 		
		return $x['hash'];
	}
}

function get_user_by_uid($uid) { 
	$tbl_prefix = $GLOBALS['tbl_prefix']; 
	$sql  = "SELECT * from ".$tbl_prefix."users WHERE uid = '".intval($uid)."' AND active='1'";
	$result = mysql_query($sql); $GLOBALS['q']++;
	if(!$result) { 
		if($debug_mode) { die(mysql_error()."<br /><br />Query: ".$sql); } else { die($errors['mysql']); } 
	} 
	while($row = mysql_fetch_assoc($result)) { 
		$x = $row;
	} 		
	return $x;
}

function get_user($uid) { 
	$tbl_prefix = $GLOBALS['tbl_prefix']; 
	global $errors, $debug_mode; 
	$sql  = "SELECT * FROM ".$tbl_prefix."users WHERE uid='".intval($uid)."' LIMIT 0,1";
	$result = mysql_query($sql); 
	if (!$result) { 
		die($errors['mysql']); 
	} else { 
		while($row = mysql_fetch_assoc($result)) { 
			$matches = $row; 
		}
		mysql_free_result($result); 
	}
	return $matches;  	
}

function new_user($username,$password,$realname,$email,$perms,$active,$hash) { 
	$tbl_prefix = $GLOBALS['tbl_prefix']; 
	global $errors, $debug_mode; 
	$sql  = "INSERT INTO ".$tbl_prefix."users (uid,username,password,realname,email,perms,active,hash) ";
	$sql .= " values ('', '".mysql_real_escape_string($username)."', '".mysql_real_escape_string($password)."', '".
	mysql_real_escape_string($realname)."', '".mysql_real_escape_string($email)."', '".intval($perms)."', '".intval($active).
	"', '".mysql_real_escape_string($hash)."')"; 
	$result = mysql_query($sql); 
	if(!$result) { die($errors['mysql']); } else { return mysql_insert_id(); }
}

function change_user($uid,$username,$password,$realname,$email,$perms,$active) { 
	$tbl_prefix = $GLOBALS['tbl_prefix']; 
	global $errors, $debug_mode; 
	$sql  = "UPDATE ".$tbl_prefix."users SET username = '".mysql_real_escape_string($username)."', realname ='"
	.mysql_real_escape_string($realname)."', 
	password ='".mysql_real_escape_string($password)."', email= '".mysql_real_escape_string($email)."', perms= '".intval($perms)."', 
	active='".intval($active)."' WHERE uid = '".intval($uid)."'";
	$result = mysql_query($sql); 
	if(!$result) { 
		if($debug_mode) { die(mysql_error()."<br /><br />Query: ".$sql); }
		else { die($errors['mysql']); } 	
	} else { 
		return true; 
	} 	
} 

function change_user_attr($uid,$field,$val) {
	$tbl_prefix = $GLOBALS['tbl_prefix'];  
	global $errors, $debug_mode; 
	$sql  = "UPDATE ".$tbl_prefix."users SET ".$field."='".mysql_real_escape_string($val)."' WHERE uid='".intval($uid)."'";
	$result = mysql_query($sql); 
	if(!$result) { 
		if($debug_mode) { die(mysql_error()."<br /><br />Query: ".$sql); }
		else { die($errors['mysql']); } 	
	} else { 
		return true; 
	} 	
} 

?>